Cloud Data Access Violations Rampant

By CIOinsight |
Posted 10-27-2010

The cloud is still "akin to the Wild West" when it comes to the
security of the data hosted there, according to the 2010 Access Assurance Survey conducted by identity and access management vendor Courion. One in seven respondents admit that they know
there are potential access violations in their company's cloud applications, but they don't
know how to find them.

The survey also finds widespread confusion about who is
responsible for securing cloud data in the enterprise, with 78.4 percent of respondents unable to
identify the single party responsible.

Conducted in October 2010, the global survey of 384 business managers from
large enterprises--86 percent of which had at least 1,000 employees--reveals
that cloud adoption may be outpacing commensurate security controls. In
addition, the lack of knowledge about which systems or applications employees
have access to is actually increasing, up nearly 10 percent from last year's
figures.

Nearly half (48.1 percent) of respondents say they are not confident that a
compliance audit of their cloud-based applications would show that all user
access is appropriate. An additional 15.7 percent admit that they are aware that
potential access violations exist, but they don't know how to find them. More
than three quarters of respondents cannot say who they believe should be
responsible for data housed in a cloud environment.